Szolgáltatóknak | HunCERT csoport

2024. aug. 5.

Riasztás

NA - CVE-2024-40530 - Insecure Permissions vulnerability in UAB...

Insecure Permissions vulnerability in UAB Lexita PanteraCRM CMS v.401.152 and Patera CRM CMS v.402.072 allows a remote attacker to execute arbitrary code via modification of the X-Forwarded-For...

security-database.com

Tovább

2024. aug. 5.

Riasztás

NA - CVE-2024-40531 - An issue in UAB Lexita PanteraCRM CMS v.401.152...

An issue in UAB Lexita PanteraCRM CMS v.401.152 and Patera CRM CMS v.402.072 allows a remote attacker to escalate privileges via the user profile management function.

security-database.com

Tovább

2024. aug. 5.

Riasztás

NA - CVE-2024-40498 - SQL Injection vulnerability in PuneethReddyHC...

SQL Injection vulnerability in PuneethReddyHC Online Shopping sysstem advanced v.1.0 allows an attacker to execute arbitrary code via the register.php

security-database.com

Tovább

2024. aug. 5.

Riasztás

NA - CVE-2024-41200 - A segmentation fault in KMPlayer v4.2.2.65...

A segmentation fault in KMPlayer v4.2.2.65 allows attackers to cause a Denial of Service (DoS) via a crafted AVI file.

security-database.com

Tovább

2024. aug. 5.

Riasztás

NA - CVE-2024-41376 - dzzoffice 2.02.1 is vulnerable to Directory...

dzzoffice 2.02.1 is vulnerable to Directory Traversal via user/space/about.php.

security-database.com

Tovább

2024. aug. 5.

Riasztás

NA - CVE-2024-41380 - microweber 2.0.16 was discovered to contain a...

microweber 2.0.16 was discovered to contain a Cross Site Scripting (XSS) vulnerability via userfiles\modules\tags\add_tagging_tagged.php.

security-database.com

Tovább

2024. aug. 5.

Riasztás

NA - CVE-2024-41381 - microweber 2.0.16 was discovered to contain a...

microweber 2.0.16 was discovered to contain a Cross Site Scripting (XSS) vulnerability via userfiles\modules\settings\admin.php.

security-database.com

Tovább

2024. aug. 5.

Riasztás

NA - CVE-2024-42008 - A Cross-Site Scripting vulnerability in...

A Cross-Site Scripting vulnerability in rcmail_action_mail_get->run() in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a...

security-database.com

Tovább

2024. aug. 5.

Riasztás

NA - CVE-2024-42009 - A Cross-Site Scripting vulnerability in...

A Cross-Site Scripting vulnerability in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a crafted e-mail message that abuses a...

security-database.com

Tovább

2024. aug. 5.

Riasztás

NA - CVE-2024-42010 - mod_css_styles in Roundcube through 1.5.7 and...

mod_css_styles in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a insufficiently filters Cascading Style Sheets (CSS) token sequences in rendered e-mail messages, allowing a remote...

security-database.com

Tovább

Telefon:	+36 1 279 6222 (09:00-16:00)
Email:	@email
Cím:	1111 Budapest, Kende u. 13-17.